Closed lmakarov closed 6 years ago
@ey- I wonder if this covers the use case you had when you submitted #16
@lmakarov Yes it does. Only thing I am missing is the https to http redirect but this could/should be handled on the apache level as you wrote in #16.
@ey- Good, thanks for confirming. This update should be released with a new version of Docksal (1.10) later this month.
This is a rewrite of the idea originally proposed in #16, though, the implementation is a bit different.
Instead of picking certs up from the project code base, custom certs are expected to be mounted at
/etc/certs/custom
(outside of any project's codebase).The latest dev version of
fin
(1.63.0+) will automatically mount$HOME/.docksal/certs
to/etc/certs/custom
.Using custom certs
Mount a folder with certs to
/etc/certs/custom
. Certs are looked up by virtual host name.E.g., cert and key for
example.com
(or*.example.com
) are expected in:Shared certs (SNI) are also supported. Use
io.docksal.cert-name
label to set the cert name for a container.Example: for
io.docksal.cert-name=shared
the following cert/key will be used:When multiple domain values are set in
io.docksal.virtual-host
, the first one is considered the primary one and used for certificate lookup. You can also always point to a specific cert withio.docksal.cert-name
.